The Good Tech Companies - SquareX Discloses Browser-Native Ransomware That Puts Millions At Risk

Starting point is 00:00:00 This audio is presented by Hacker Noon, where anyone can learn anything about any technology. Square X discloses browser-native ransomware that puts millions at risk. By Cyber Newswire, Palo Alto, USA, March 28, 2025, Cyber Newswire, from Wanakry to the MGM Resorts hack, ransomware remains one of the most damaging cyber threats to plague enterprises. Chainelysis estimates that corporations spend nearly $1 billion dollars on ransom each year, but the greater cost often comes from the reputational damage and operational disruption caused by the attack. Ransomware attacks typically involve tricking victims into downloading and installing the ransomware, which copies, encrypts, and or deletes critical data on the device, only

Starting point is 00:00:44 to be restored upon the ransom payment. Traditionally, the primary target of ransomware has been the victim's device. However, thanks to the proliferation of the cloud and SaaS services, the device no longer holds the keys to the kingdom. Instead, the browser has become the primary way through which employees conduct work and interact with the internet. In other words, the browser is becoming the new endpoint.

Starting point is 00:01:07 Square X has been disclosing major browser vulnerabilities like polymorphic extensions and browser syncjacking, and is now issuing a strong warning on the emergence of browser native ransomware. Greater than Square X's founder, Vivek Ramachandran cautions, with the recent surge in greater than browser-based identity attacks like the one we saw with the Chrome Store OAuth greater-than-attack, we are beginning to see evidence of the, ingredients, of greater-than-browser native ransomwares being used by adversaries. It is only a matter of greater-than-time before one smart attacker figures out how to put all the pieces together. Greater than while EDRs and antiviruses have played an unquestionably

Starting point is 00:01:44 vital role in greater than defending against traditional ransomware, the future of ransomware will no greater than longer involve file downloads, making a browser-native solution a necessity to greater than combat browser-native ransomwares. Greater than greater than, unlike traditional ransomware, browser-native ransomware requires no file download, rendering them completely undetectable by endpoint security solutions. Rather, this attack targets the victim's digital identity, taking advantage of the widespread shift toward cloud-based enterprise storage and the fact that browser-based authentication

Starting point is 00:02:17 is the primary gateway to accessing these resources. In the case studies demonstrated by Square X, these attacks leverage AI agents to automate the majority of the attack sequence, requiring minimal social engineering and interference from the attacker. One potential scenario involves social engineering a user into granting a fake productivity tool access to their email, through which it can identify all the SAAS applications the victim is registered with. It can then systematically reset the password of these apps with AI agents, logging the users out on Theron and holding enterprise data stored on these applications hostage. Similarly, the attacker can also target file sharing services like Google Drive, Dropbox and OneDrive, using the victim's identity to copy out and delete all files stored under their account. Critically, attackers can also gain access to all shared drives, including those shared by colleagues, customers and other third parties.

Starting point is 00:03:11 This significantly expands the attack surface of browser-native ransomware where the impact of most traditional ransomware is confined to a single device. All it takes is one employee's mistake for attackers to gain full access to enterprise-wide resources. As fewer and fewer files are being downloaded, it is inevitable for attackers to follow where work and valuable data are being created and stored. As browsers become the new endpoint, it is crucial for enterprises to reconsider their browser security strategy.

Starting point is 00:03:40 Just as EDRs were critical to defend against file-based ransomware, a browser-native solution with a deep understanding of client-side application layer identity attacks will become essential in combating the next generation of ransomware attacks. To learn more about this security research, users can visit https://sqrx.com, Browser-native Ransomware about SquareX Square X's industry first browser detection and response, BDR, solution helps organizations detect, mitigate, and threat hunt client-side web attack-a-shopping against their users in real time. In addition to browser ransomware, Square X also protects against various browser threats

Starting point is 00:04:20 including identity attacks, malicious extensions, advanced spearfishing, gen-AIDLP, and insider threats. The browser native ransomware disclosure is part of the Year of Browser Bugs project. Every month, Square-X's research team releases a major web attack that focuses on architectural limitations of the browser and incumbent security solutions. Previously disclosed attacks include browser syncjacking and polymorphic extensions. To learn more about Square X's BDR, users can contact founder at sqrx.com, for press inquiries on this disclosure or the year of browser bugs, users canemail Junus at sqrx.com, contact head of PR Junus Liu Square Xjunis at sqrx.com.

Starting point is 00:05:06 Tip This story was distributed as a release by CyberNewsWire under Hacker Noon's business blogging program. Learn more about the program here. Thank you for listening to this Hacker Noon story, read by Artificial Intelligence. Visit hackernoon.com to read, write, learn and publish.

The Good Tech Companies - SquareX Discloses Browser-Native Ransomware That Puts Millions At Risk

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.